yamt commented on pull request #695: URL: https://github.com/apache/incubator-nuttx-apps/pull/695#issuecomment-840377859
> > > > if the code is bug-free, the value doesn't matter.
> > > > they should not be used by anyone.
> > > > thus those NULLify should not be necessary.
> > >
> > > The value wouldn't matter if it were stored in a local variable, but it is not the case. Since the lifetime of this dangling pointer is extended, the value does matter.
> > > And all it takes for a software to change from "Bug-free" to "Vulnerable" is one single commit.
> > > And if this single commit naively operates on this dangling pointer, the system will crash.
> >
> > why doesn't a local variable matter?
> > with your logic, i think the value left on stack might be unintentionally used by a buggy software.
>
> Well, I was referring to local variables that are about to go out-of-scope, that's why I mentioned the extended lifetime for the other cases where the value does matter.
> If a local variable goes out-of-scope (i.e. its lifetime is over), it cannot be referenced anymore, so its pointer value is harmless. But I won't bother if you still want to nullify it.

buggy software can happily access the value by reading an uninitialized variable.
anyway, i'm not a fan of nullify.

> > > > i pushed a counter-proposal to the defensive style. [219356c](https://github.com/apache/incubator-nuttx-apps/commit/219356ce7d1b8a26140c98d303d493c6f04b19e9)
> > >
> > > Good, this commit may be a proof that this code is not **currently** buggy. But that's not the issue I raised.
> > > Now, here it is a simple unit test for making this potential bug evident:
> > > https://godbolt.org/z/f4dzW8M44
> >
> > the unit test is just broken.
> > it doesn't seem to support your argument.
>
> Guess why it is broken?
>
> ```
> Program stderr
> free(): double free detected in tcache 2
> ```
>
> I rest my case.

it's something like having a unit test like the following and claiming that free() has a problem. it doesn't make much sense.

```
p = malloc(1);
free(p);
free(p);
```
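As an added illustration of the defensive style under debate (example code, not from the PR or the NuttX code base): a pointer kept in a long-lived struct is released through a helper that frees and nullifies, so a repeated close becomes a no-op instead of the double free shown above. `struct session`, `session_close` and the other names are hypothetical.

```c
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>

/* A long-lived holder whose pointer outlives the scope that allocated it:
 * the "extended lifetime" case where a stale pointer value still matters. */
struct session {
    char *buf;
    size_t len;
};

/* Free and nullify in one step; free(NULL) is defined to do nothing,
 * so a second call through this helper cannot double free. */
static void free_and_null(char **pp)
{
    free(*pp);
    *pp = NULL;
}

bool session_open(struct session *s, size_t len)
{
    s->buf = malloc(len);
    if (s->buf == NULL)
        return false;
    memset(s->buf, 0, len);
    s->len = len;
    return true;
}

/* Returns 1 if a buffer was released, 0 if there was nothing to release. */
int session_close(struct session *s)
{
    if (s->buf == NULL)
        return 0;
    free_and_null(&s->buf);
    s->len = 0;
    return 1;
}

/* Liveness check; only meaningful because session_close() nullifies. */
bool session_is_open(const struct session *s)
{
    return s->buf != NULL;
}

/* Scenario: open once, close twice (the "one naive commit" case). */
int double_close_scenario(void)
{
    struct session s = { NULL, 0 };
    if (!session_open(&s, 16))
        return -1;
    int first = session_close(&s);  /* 1: buffer released */
    int second = session_close(&s); /* 0: nothing left, no double free */
    return first * 10 + second;     /* 10 */
}
```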
